I'm looking into the managed switch HP ProCurve 1810G-24 to see if it can meet our office demands. The specs say it has IEEE802.1Q - whatever that means.

Our office consists of four companies that share a common broadband connection. The infrastructure of the building is such that it results in all ethernet cables are located in our server room with a patch panel.

I've read a some about VLAN and what it is about, but can't quite get a grasp on whether it is suited for our needs or not, so I decided to post our scenario here and get some professional opinions on the matter.

We wish to separate our four companies so that each company cannot access resources on a different VLAN. At the same time, we wish to allow for a shared internet access.

I thought the solution would be to set port 1 as VLAN 1 and connect the broadband router to that port. Then create VLAN 2-5 (four VLAN's) on the remaining ports by setting T (tag) on all ports for the VLAN in question, and setting E (exclude all) on all ports not on that VLAN - BESIDES port 1 where the broadband router is located, which i set to U (untag).

Or is the solution to also include port 1 as T (tag) for each VLAN?

I hope I made myself understood and that someone could shine a light on this scenario.

It's a really simple ADSL modem/router called "Billion". I seriously doubt it has multi-network support. Any advice on router selection? I could setup my modem as DMZ and put the router between the networks and the modem.
–
VincentJun 5 '12 at 13:26

1810G-24 supports tagged vlans. to make things work you'll divide switch into separate isolated subnets each in separate vlan. one interface of switch will give tagged access to all vlans to your router. on it you'll have to create separate subnets / nat rules for each of the office tenants.

Are you on the switch or the router? I don't think our broadband router / DHCP has the functionality to create subnets. Maybe i misunderstood you. Speak as you would to a child :)
–
VincentJun 5 '12 at 12:45

it's correct - one interface of a switch will face your router, i'll provide trunk with all vlans. your router needs to be able to 'unpack' those vlans from tagged trunk and handle them separately. 'Billion' router probably will be unable to do it.
–
pQdJun 5 '12 at 13:44